<?php
/**
 * User access control: decides whether the current user may run an action
 * or a named query, based on rows in the `uac` table.
 *
 * Every lookup matches rows for the current user id and rows with
 * user_id = 0, so user_id = 0 rows act as grants shared by all users.
 * The constructor also assigns id 0 when there is no session, so an
 * unauthenticated caller is checked against those shared rows only.
 */
class UAC
{
	/** Id used in the lookups; 0 when no session manager was supplied. */
	private $user_id;

	/**
	 * @param object|null $sessionManager Object exposing a userID property,
	 *                                    or a falsy value when there is no session.
	 */
	public function __construct($sessionManager)
	{
		// Any falsy value (null, false, 0, ...) is treated as "no session".
		$this->user_id = $sessionManager ? $sessionManager->userID : 0;
	}

	/**
	 * Checks whether an ACTION grant covers "<module>.<action>".
	 *
	 * The stored obj_name is the LIKE pattern and the requested name is the
	 * subject, so `%` and `_` in the table rows are wildcards while the same
	 * characters in $module/$action are compared literally. A stored name
	 * containing `_` therefore matches more than its literal text.
	 *
	 * NOTE(review): module and action are joined with '.', so a '.' inside
	 * either argument yields the same lookup string as a different split —
	 * presumably callers pass dot-free names; verify.
	 *
	 * @param string $module
	 * @param string $action
	 * @return bool True when at least one matching grant row was found.
	 */
	public function isActionAllowed($module, $action)
	{
		$lookup = "Select * from uac"
			. " where (user_id = ? or user_id = 0)"
			. " and obj_type = 'ACTION'"
			. " and ? like obj_name";

		return $this->grantExists($lookup, "$module.$action");
	}

	/**
	 * Checks whether a QUERY grant exists for the exact query name
	 * (equality match, no wildcard expansion).
	 *
	 * @param string $queryName
	 * @return bool True when at least one matching grant row was found.
	 */
	public function isQueryAllowed($queryName)
	{
		$lookup = "Select * from uac"
			. " where (user_id = ? or user_id = 0)"
			. " and obj_type = 'QUERY'"
			. " and obj_name = ?";

		return $this->grantExists($lookup, $queryName);
	}

	/**
	 * Runs one grant lookup with the current user id bound first and the
	 * object name bound second; both values go in as bound parameters and
	 * are never concatenated into the SQL text.
	 *
	 * @param string $sql     Statement with two `?` placeholders.
	 * @param string $objName Value for the second placeholder.
	 * @return bool
	 */
	private function grantExists($sql, $objName)
	{
		$row = DBUtils::instance()->selectSingleVO($sql, array($this->user_id, $objName));

		// Loose comparison: anything that compares == null (null, false, 0,
		// '', empty array) means "no grant". What selectSingleVO returns on
		// no match is not visible here — confirm before tightening to !==,
		// because a `false` result would then read as "allowed".
		return ($row != null);
	}
}
?>